Tag Archives: InfoSec

Protect Your Macintosh with AVG

The “Macs don’t get viruses” nonsense was never really true; it was only “common knowledge” because there was no practical reason to write viruses for Macs–the “security through obscurity” maxim protected the ecosystem since the mid-1980s. Since the rise of Apple’s marketshare in the 21st century, there has been an increase in the threat of malware and other nasty bits of code infecting so-called “immune” Macintosh computers. Once upon a time, antivirus for Mac was considered a joke and a ripoff. Today, it is an understated necessity.

Enter AVG–long have they been one of the bastions of security in the PC sphere, their flagship antivirus utility is now available for Mac. It’s a lightweight application that offers the level of protection one would expect from AVG on a PC, and it even scans for known PC and Android threats to prevent you from unwittingly spreading an infection to other devices!

In addition to AVG’s antivirus, they also offer a useful cleaner app that scans your Mac for detritus that can bog down the system and cause a loss in performance or valuable hard drive space. Many applications leave behind small breadcrumbs–configuration files or other nonessential bits of code–in the OSX Library or System folders, usually as hidden files or folders that even most advanced users wouldn’t necessarily know to look for after uninstalling. The AVG Cleaner app scours your hard drive for this kind of refuse and eliminates it. I ran it once and regained an easy 3.5GB of space!

It’s a brave new world out there, and we’re better off being prepared than we are posturing with austerity. You don’t have to use AVG, but for the price, it can’t be beat!

Also on:

What Apple’s FBI Standoff Says About Google’s Android Security

Everyone fails to recognize that the decentralised nature of Android is–while being a “mainstream flaw”–is one of its greatest strengths. Yes, Google wants to have more control over its operating system, but that goes against the very nature of what they intended when they began developing it. The point of the matter, though, is that very little would change if that asshole had used Android instead (considering the likely application of Paranoid Android in such a case). Actually, the whole matter would likely be less of an issue politically because there is not one entity to subpoena. The FBI could subpoena Google to do something, but Google could (in good faith) say that there is nothing they can do if an alternative OS were installed. The takeaway here should not be how much more secure iPhones are (they aren’t necessarily), but that compulsory cracking like this is dangerous to freedom at large.

“There is nothing new in the realization that the Constitution sometimes insulates the criminality of a few in order to protect the privacy of us all.”

Justice Antonin Scalia

Source: What Apple’s FBI Standoff Says About Google’s Android Security | Re/code

Also on:

Customer Letter – Apple

Tim Cook and Apple are telling the US Government to get bent, and for good reason: encryption is vital to our individual security and to undermine that is to undermine our entire society. If the “good guys” can have a backdoor into your house, it’s only a matter of time before the bad guys copy the keys.

If your first reaction is to shrug and say, “I have nothing to hide,” I hate to break it to you, but you’re not clever enough to understand the implications, so go sit down at the kids’ table and let the grown-ups argue.

As a side note (full journalistic disclosure): If you read this website, you already know my opinions on Apple are complicated, but I do use a 2010 Macbook Pro daily, and I encourage most “casual users” to consider adopting OSX machines as their daily drivers. Despite this, I do loathe iOS since the move to “flat design”, and I vehemently refuse to “upgrade” OSX past Mavericks for design reasons as well as “integration features” that annoy me.

A Message to Our Customers

Source: Customer Letter – Apple

Also on:

Stranger hacks family’s baby monitor and talks to child at night

I keep a Foscam IP camera like the one in this story around just to tinker with. They are anything BUT secure, though!

A 3-year-old boy living in Washington received quite the scare when he started hearing a voice talk to him at night. After telling his parents, Mom was shocked at what she found.

Source: Stranger hacks family’s baby monitor and talks to child at night  | SF Globe

Also on:

How to create app-specific passwords in Google

Sometimes you’re going to run across an application that uses the Google API, but for whatever reason does not support 2-factor authentication. Google has wisely built an infrastructure for such incidents. In your security settings, you can create “burner” passwords that can be used for specific applications. You typically don’t need to remember or write down these passwords because they are persistent on the device accessing Google, only accessible to one application, and can easily be exchanged for a new code if ever compromised. To get one of these passwords, head over to http://myaccount.google.com/security

If you’ve never used this section of Google before, it would be beneficial to take a couple of minutes to familiarize yourself with the options available before proceeding. When you’re ready, scroll down to “Signing in to Google” under the “Sign-in & security” section.

Screen Shot 2016-01-17 at 3.38.08 PM

In the screenshot above, you can see the “App passwords” heading on the bottom-right. Click this section and you will likely be prompted to enter your Google password again before accessing the app passwords section.

The following page will present you with a list of applications using specific passwords. To create a new password, just select the appropriate options from the drop-down menus and click “Generate”. You’ll be presented with a 16-character password that you can use to log in persistently with a particular application (such as Outlook or Apple Mail). If the password is ever compromised, you can simply click the “Revoke” button and the password is burned forever.

Also on:

Security Experts Oppose Government Access to Encrypted Communication

A new report says giving the governments “exceptional access” to encrypted communications would jeopardize confidential data and critical infrastructure.

Source: Security Experts Oppose Government Access to Encrypted Communication

Also on: